Docs, code cleanup, and protect the extra new fields of HELLO with encryption as a precaution.

author: Adam Ierymenko <adam.ierymenko@gmail.com> 2017-02-05 16:19:03 -0800
committer: Adam Ierymenko <adam.ierymenko@gmail.com> 2017-02-05 16:19:03 -0800
commit: 43182f8f57483a47f1b44cdcf9dbb5387511afc2 (patch)
tree: 64643b558feb10a7950dda06b9cded0100bb73c9 /node/Peer.cpp
parent: 594cb1fad8db5b551982ae948d43a01b25494f05 (diff)
download: infinitytier-43182f8f57483a47f1b44cdcf9dbb5387511afc2.tar.gz
infinitytier-43182f8f57483a47f1b44cdcf9dbb5387511afc2.zip
1 files changed, 13 insertions, 9 deletions
diff --git a/node/Peer.cpp b/node/Peer.cpp
index bb6b945d..338bea10 100644
--- a/node/Peer.cpp
+++ b/node/Peer.cpp
@@ -203,7 +203,7 @@ void Peer::received(
 #endif
 			} else {
 				TRACE("got %s via unknown path %s(%s), confirming...",Packet::verbString(verb),_id.address().toString().c_str(),path->address().toString().c_str());
-				attemptToContactAt(path->localAddress(),path->address(),now);
+				attemptToContactAt(path->localAddress(),path->address(),now,true);
 				path->sent(now);
 			}
 		}
@@ -357,6 +357,8 @@ void Peer::sendHELLO(const InetAddress &localAddr,const InetAddress &atAddress,u
 	outp.append((uint64_t)RR->topology->planetWorldId());
 	outp.append((uint64_t)RR->topology->planetWorldTimestamp());
 
+	const unsigned int startCryptedPortionAt = outp.size();
+
 	std::vector<World> moons(RR->topology->moons());
 	outp.append((uint16_t)moons.size());
 	for(std::vector<World>::const_iterator m(moons.begin());m!=moons.end();++m) {
@@ -368,21 +370,23 @@ void Peer::sendHELLO(const InetAddress &localAddr,const InetAddress &atAddress,u
 	const unsigned int corSizeAt = outp.size();
 	outp.addSize(2);
 	RR->topology->appendCertificateOfRepresentation(outp);
-	outp.setAt(corSizeAt,(uint16_t)((outp.size() - corSizeAt) - 2));
+	outp.setAt(corSizeAt,(uint16_t)(outp.size() - (corSizeAt + 2)));
+
+	outp.cryptField(_key,startCryptedPortionAt,outp.size() - startCryptedPortionAt);
 
 	RR->node->expectReplyTo(outp.packetId());
 
 	if (atAddress) {
-		outp.armor(_key,false);
+		outp.armor(_key,false); // false == don't encrypt full payload, but add MAC
 		RR->node->putPacket(localAddr,atAddress,outp.data(),outp.size());
 	} else {
-		RR->sw->send(outp,false);
+		RR->sw->send(outp,false); // false == don't encrypt full payload, but add MAC
 	}
 }
 
-void Peer::attemptToContactAt(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now)
+void Peer::attemptToContactAt(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now,bool sendFullHello)
 {
-	if ( (_vProto >= 5) && ( !((_vMajor == 1)&&(_vMinor == 1)&&(_vRevision == 0)) ) ) {
+	if ( (!sendFullHello) && (_vProto >= 5) && (!((_vMajor == 1)&&(_vMinor == 1)&&(_vRevision == 0))) ) {
 		Packet outp(_id.address(),RR->identity.address(),Packet::VERB_ECHO);
 		RR->node->expectReplyTo(outp.packetId());
 		outp.armor(_key,true);
@@ -398,7 +402,7 @@ void Peer::tryMemorizedPath(uint64_t now)
 		_lastTriedMemorizedPath = now;
 		InetAddress mp;
 		if (RR->node->externalPathLookup(_id.address(),-1,mp))
-			attemptToContactAt(InetAddress(),mp,now);
+			attemptToContactAt(InetAddress(),mp,now,true);
 	}
 }
 
@@ -420,7 +424,7 @@ bool Peer::doPingAndKeepalive(uint64_t now,int inetAddressFamily)
 
 	if (bestp >= 0) {
 		if ( ((now - _paths[bestp].lastReceive) >= ZT_PEER_PING_PERIOD) || (_paths[bestp].path->needsHeartbeat(now)) ) {
-			attemptToContactAt(_paths[bestp].path->localAddress(),_paths[bestp].path->address(),now);
+			attemptToContactAt(_paths[bestp].path->localAddress(),_paths[bestp].path->address(),now,false);
 			_paths[bestp].path->sent(now);
 		}
 		return true;
@@ -444,7 +448,7 @@ void Peer::resetWithinScope(InetAddress::IpScope scope,int inetAddressFamily,uin
 	Mutex::Lock _l(_paths_m);
 	for(unsigned int p=0;p<_numPaths;++p) {
 		if ( (_paths[p].path->address().ss_family == inetAddressFamily) && (_paths[p].path->address().ipScope() == scope) ) {
-			attemptToContactAt(_paths[p].path->localAddress(),_paths[p].path->address(),now);
+			attemptToContactAt(_paths[p].path->localAddress(),_paths[p].path->address(),now,false);
 			_paths[p].path->sent(now);
 			_paths[p].lastReceive = 0; // path will not be used unless it speaks again
 		}
author	Adam Ierymenko <adam.ierymenko@gmail.com>	2017-02-05 16:19:03 -0800
committer	Adam Ierymenko <adam.ierymenko@gmail.com>	2017-02-05 16:19:03 -0800
commit	43182f8f57483a47f1b44cdcf9dbb5387511afc2 (patch)
tree	64643b558feb10a7950dda06b9cded0100bb73c9 /node/Peer.cpp
parent	594cb1fad8db5b551982ae948d43a01b25494f05 (diff)
download	infinitytier-43182f8f57483a47f1b44cdcf9dbb5387511afc2.tar.gz infinitytier-43182f8f57483a47f1b44cdcf9dbb5387511afc2.zip